Berkeley Technology Law Journal Volume 13 | Issue 1

Article 27

January 1998

Cyber Promotions, Inc. v. America Online, Inc. Richard C. Lee

Follow this and additional works at: http://scholarship.law.berkeley.edu/btlj Recommended Citation Richard C. Lee, Cyber Promotions, Inc. v. America Online, Inc., 13 Berkeley Tech. L.J. 417 (1998). Available at: http://scholarship.law.berkeley.edu/btlj/vol13/iss1/27

Link to publisher version (DOI) http://dx.doi.org/doi:10.15779/Z38138T This Article is brought to you for free and open access by the Law Journals and Related Materials at Berkeley Law Scholarship Repository. It has been accepted for inclusion in Berkeley Technology Law Journal by an authorized administrator of Berkeley Law Scholarship Repository. For more information, please contact [email protected].

STATE ACTOR

CYBER PROMOTIONS, INC. V. AMERICA ONLINE, INC. By RichardC Lee

Due to its low costs, high speed, and relative convenience, electronic communication via the Internet is rapidly becoming one of the most important modes of communication in the United States and throughout the world.' As the number of on-line users explodes, businesses are looking for ways to capitalize on market opportunities associated with Internet communications. This entrepreneurial behavior has given rise to a new set of legal problems. In Cyber Promotions, Inc. v. America Online, Inc.,2 the District Court for the Eastern District of Pennsylvania held that the First Amendment of the United States Constitution does not guarantee a right to freely disseminate unsolicited electronic messages (widely known as e-mails) to subscribers of on-line services. 3 During a later motion, the court also found that there was little likelihood that America Online had violated section 2 of the Sherman Act.4 This case marks the first legal defeat for unsolicited commercial e-mail (junk e-mail or spam) advertisers (spammers), and was widely welcomed on the Internet as a major victory for the numerous Internet users who vigorously oppose the practice. 5 Cyber Promotions is significant in that it is the first case where the junk e-mail receivers' Internet Service Provider (the receiving ISP), rather than the recipients themselves, is the plaintiff. Prior to this case, junk emails were considered similar to junk mails and junk faxes in that in© 1998 Berkeley Technology Law Journal & Berkeley Center for Law and Technology. 1. See, e.g., Michael W. Carroll, GarbageIn: EmergingMedia and Regulation of Unsolicited CommercialSolicitations, 11 BERKELEY TECH. L.J. 233, 253 (1996). 2. 948 F. Supp. 436 (E.D. Pa. 1996) [hereinafter Cyber I]. 3. See id. at 456. 4. See 948 F. Supp. 456, 464-65 (E.D. Pa. 1996) [hereinafter Cyber I]. 5. See, e.g., newsgroup news.admin.net-abuse.e-mail. Unsolicited e-mails have generated much concern among privacy advocates. Net privacy fighters (antispammers) are a particularly vocal and active group; many entities related with junk mails have received paralyzing system attacks, viruses, and even physical threats. See Janet Kornblum, AGIS Turns Back On Spam (visited Feb. 11, 1998) ; Janet Komblum, CompuServe Given "Death Penalty" (visited Feb. 11, 1998) . The level of concern over this activity, however, seems to be disproportionate to the actual damage done to the average e-mail user's privacy. See discussion infra Part IV.

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

fringement upon the recipients' privacy was perceived to be the central issue. 6 Message recipients naturally appeared to be the proper plaintiffs to seek compensation via actions over e-mail abuses, just as they were the proper plaintiffs in suits over junk letters and faxes. In this case, however, junk e-mail disputes became clearly distinguishable from other unsolicited-transmission disputes. It was recognized that unlike other forms of unwanted solicitations, junk e-mail solicitations not only burden a party other than the recipients, but also place a much more concentrated economic burden on that party. The receiving ISP, rather than the e-mail recipient, was acknowledged as "the legitimate spam victim," or the party bearing the true costs resulting from unsolicited e-mail messages. This case and other similar disputes that followed have essentially put the receiving ISP in a position to bring lawsuits against anyone who sends messages that it considers unacceptable. 7 This dispute also demonstrates how ineffective the market can be in regulating undesirable on-line conduct, and how the court may not be the best forum for addressing the junk e-mail issue. While broad prohibitive bulk e-mail regulation may provide a quick answer, the most efficient solution to the problem raised in this case is legislation that assists the market in a limited capacity, by only ensuring that technology can successfully block unsolicited messages before recipients incur unnecessary costs. I.

FACTS AND PROCEDURAL HISTORY

The plaintiff, Cyber Promotions (Cyber), was the largest company specializing in sending bulk commercial e-mails for advertisers. 8 The defendant, America Online (AOL), was the largest provider of Internet ac6. For a recipient-oriented discussion treating unsolicited commercial solicitations primarily as invasions of user privacy, see Carroll, supra note 1 at 234. A "tragedy of the commons" will eventually result, the article predicts, because junk e-mails degrade the users' Internet experience. 7. Since this case, it has become more common for ISPs to take spammers to court. See, e.g., Janet Kornblum, AOL Sues More Spammers (visited Feb. 11, 1998) . Recently AOL moved beyond suing spammers for sending messages that are unsolicited and started to file complaints based on the content of their messages. See, e.g., Janet Kornblum, AOL Sues Porn Spammers (visited Mar. 6, 1998) . 8. Incorporated in 1996 and swiftly expanded to serve 8,000 advertisers by 1997,

Cyber Promotions was the largest service of its kind before it went offline in the same year due to its inability to secure its own ISP server, and its founder, Sanford Wallace, is generally referred to on the net as the "Spam King." See Janet Komblum, Spamford 1998) .

1998]

CYBER PROMOTIONS v. AOL

cess. 9 AOL provided proprietary content to its subscribers as an on-line service provider.' 0 To increase revenue beyond its membership fees, AOL also sold rights to advertisers to send unsolicited advertisements to its subscribers." AOL users regularly received AOL-endorsed junk e-mail mespop-up messages" unless they took affirmative sages called "marketing 12 steps to block them. Without paying AOL for the privilege, Cyber sent unsolicited e-mail messages to AOL subscribers. 13 In response to user complaints, AOL decided to implement a new program so that its users would not be exposed to junk e-mails unless they expressly asked for them. 14 In addition, it packed all the undeliverable messages into a huge file and sent the file back to Cyber's e-mail account in retaliation, paralyzing servers of Cyber's ISP. 15 As a direct result of this, Cyber's ISP terminated Cyber's account. 16 Cyber filed suit against AOL in the Eastern District of Pennsylvania, alleging violation of the Computer Fraud and Abuse Act, intentional interference with contractual relations, tortious interference with prospective contractual relations, and unfair competition. 17 AOL responded by filing suit in the Eastern District of Virginia, alleging service and trade name infringement, service mark and trade name dilution, false designation of origin, false advertising, unfair competition, misappropriation, conversion, 9. A recent tabulation shows that AOL has more than 11 million subscribers and is still the largest on-line service provider in the world. See Yahoo! Finance, Latest Media Metrix Report Underscores America Online's Leadership in Cyberspace (visited Feb. 12, 1998) . 10. See Cyber1,948 F. Supp. at 439. 11. See Cyber II, 948 F. Supp. at 460. 12. See id. 13. See id. at 459. 14. See id. 15. See Cyber , 948 F. Supp. at 437. This is known as "e-mail bombing": the recipient's server becomes overloaded by a file larger than its maximum capacity, and shuts down. 16. Since then, Cyber has struggled to locate other ISPs willing to provide service to it. In September of 1997, Cyber sued one of its ISPs after the ISP breached its contract with Cyber and terminated Cyber's account because it had received constant system attacks and personal threats for servicing Cyber. Cyber won, but was still dropped from its service after the contract expired, and has yet to get back on-line. See Courtney Macavinta, Spammer Back Online, Temporarily (visited Mar. 6, 1998) . Earlier this year, Wallace tried to set up his own provider, but was shut down several hours after its announcement. See Janet Kornblum, Spam Site Killed Under Threats (visited Feb. 11, 1998) . 17. See CyberI, 948 F. Supp. at 437.

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

unjust enrichment, and violations of the Virginia Consumer Protection Act, the Electronic Communications Privacy Act, the Computer Fraud and Abuse Act, and the Virginia Computer Crimes Act.1 8 Both parties sought injunctions and damages. The two cases were subsequently consolidated in the Eastern District of Pennsylvania. AOL filed a summary judgment motion against Cyber's First Amendment claim for its right to freely send e-mail messages.19 On November 4, 1996, Judge Charles Weiner held that Cyber had no right to freely send e-mail to AOL subscribers under the free speech guarantees of the U.S. Constitution, the Pennsylvania constitution, or the Virginia constitution; however, he gave Cyber ten days to produce alternative theories to support its right to send its junk e-mails.2 ° Cyber promptly proposed a new antitrust monopolization theory, and sought a temporary restraining order against AOL. On November 26, 1996, the court found little likelihood of success on the merits of Cyber's antitrust claim and denied the temporary restraining order. 2 1 Cyber subsequently filed for reconsideration on the free speech issue, but its motion was denied on December 20, 1996.22 During this time, other major ISPs also initiated suit against Cyber. By February 3, 1997, three providers had sued Cyber and one court had enjoined Cyber from sending messages to Compuserve, one of the largest ISPs. 23 On February 4, 1997, AOL and Cyber settled. The parties agreed that Cyber could continue sending messages to AOL customers, but its asked messages would be blocked from AOL users unless they expressly 24 for them. Cyber further agreed not to evade AOL's blockage. II. THE COURT'S ANALYSIS The First Amendment to the United States Constitution states: "Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press. ,,25 In interpreting and analyzing the First Amendment, the U.S. Supreme Court has recognized that "the constitutional guarantee of free 18. Seeid. at 437-38. 19. See id. at 438. 20. See id. at 446-47. 21. See Cyber II, 948 F. Supp. at 464-65. 22. See Cyber , 948 F. Supp. at 456. 23. See Courtney Macavinta, Another Setback for Spam King (visited Feb. 11, 1998) . 24. See Courtney Macavinta, Spam King and AOL Agree to Disagree(visited Feb. 11, 1998) . 25. U.S. CONST. amend. I.

1998]

CYBER PROMOTIONS v. AOL

speech is a guarantee only against abridgment by government, federal or state" 26 and "erects no shields against mere private conduct."2 7 Thus, before proceeding further into a First Amendment analysis, Judge Weiner first had to determine whether AOL was a state actor and whether its activities constituted state activities. The judge found that this was not the case, as the parties stipulated that the government owned no part of AOL and did not participate in its business decisions.28 Nonetheless, under certain circumstances, private property can be considered the equivalent of a public forum for purposes of the First Amendment.2 9 Because AOL was not a public entity, Judge Weiner considered whether its activities may "be fairly treated as that of the state itself' because there was "a sufficiently close nexus" between the state and AOL.30 In Mark v. Borough of Hatboro,31 the Third Circuit observed that the Supreme Court uses three distinct tests in determining whether there has been state action. 32 Applying the three tests to the facts of this case, the judge found that the first test, whether AOL "exercise[d] ... the exclusive prerogative of the state," was clearly not met. 33 The judge further concluded that AOL did not act with the help of or in concert with state officials; 34 nor did the government so far insinuate itself into a position of interdependence with AOL to be recognized as a joint participant in its activities.3 5 Because none of the three tests were met, the judge did not proceed with any further First Amendment analysis, and concluded that Cyber had no free speech right to send unsolicited e-mail to AOL's mem36 bers.

26. Hudgens v. NLRB, 424 U.S. 507, 513 (1976). 27. Shelley v. Kraemer, 334 U.S. 1, 13 (1948). 28. See Cyber, 948 F. Supp. at 441. 29. See Blum v. Yaretsky, 457 U.S. 991, 1004 (1982). 30. Cyber 1, 948 F. Supp. at 441 (quoting Blum v. Yaretsky, 457 U.S. at 1004). 31. 51 F.3d 1137, 1142 (3d Cir. 1995). The Eastern District of Pennsylvania lies within the Third Circuit and thus is bound by the circuit's opinions. 32. The first test, the "exclusive public function test," considers whether the challenged entity performs functions exclusively those of the government. The second test considers whether the state directly aids or acts in concert with the challenged entity in performing its actions. The final test, the "joint participation test," considers whether the state's involvement otherwise is so substantial that the state can fairly be treated as a "joint participant" in the action. See id. 33. See Cyber, 948 F. Supp. at 441-43. 34. Seeid. at444. 35. See id. at 444-45. 36. See id. at 445.

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

Subsequent to the court's disposal of the free speech issue, Cyber raised an alternative theory that section 2 of the Sherman Act 37 would allow it to send unsolicited messages, alleging that AOL had an "essential and had "refused to deal," and sought a temporary restraining orfacility" 38 der. In order to prevail under section 2, Cyber had to show that: (1) AOL had monopoly power in the relevant market and (2) AOL acquired or maintained that monopoly power by deliberate conduct. 39 Judge Weiner first struck down Cyber's definition of the relevant market, finding that Cyber and AOL were not competitors and that there were numerous alternative ways for Cyber to reach AOL subscribers. 40 The court also determined that AOL did not possess the monopoly power in this market, be41 cause AOL did not have the ability to charge supra-competitive prices. Furthermore, even if AOL had monopoly power, it had not willfully acquired such power.42 Based on Cyber's failure to show these elements, Judge Weiner declared that there was little likelihood that AOL could be considered a monopoly in this case.43 Instead of stopping his analysis there, which would have been sufficient to dispose of the antitrust issue, Judge Weiner proceeded to examine elements of Cyber's essential facilities claim. Under the essential facilities or "bottleneck" doctrine, Cyber had to further show, "(1) control of the essential facility by [the] monopolist, (2) the competitor's inability practically or reasonably to duplicate the essential facility; (3) denial of the use of the facility to a competitor; and (4) the feasibility of providing the facility., 44 The judge first concluded that even if Cyber could prove AOL was a monopolist in the relevant market, the resources which AOL controlled were not "essential facilities" within the meaning of section 2. He further concluded that even if AOL could be considered a monopoly for purposes of the Sherman Act, Cyber could duplicate the resources that AOL controlled. 46 Moreover, the judge did not believe Cyber was com37. 15 U.S.C. § 2 (1994). The Sherman Act prohibits monopolization. 38. See CyberII, 948 F. Supp. at 457,460. 39. See generally 15 U.S.C. § 2 (1994). See also United States v. Grinnell Corp., 384 U.S. 563, 570-71 (1966). 40. See Cyber I, 948 F. Supp. at 461-62. 41. See id. at 462. 42. See id. at 463.

43. See id. at 464. 44. 748 (3d. 45. 46.

Id. at 460-61 (quoting Ideal Dairy Farms, Inc. v. John Labatt, Ltd., 90 F.3d 737, Cir. 1996)). See Cyber II, 948 F. Supp. at 463. See id.

1998]

CYBER PROMOTIONS v. AOL

pletely prevented from sending e-mail advertisements to AOL subscribers. 47 Finally, he found that AOL was unable to provide Cyber Promotions with free access without undue difficulties.48 The court essentially concluded that Cyber would be unlikely to succeed on any element or subclaim, and denied Cyber's motion for temporary element of the antitrust 49 injunctive relief. III. DISCUSSION OF THE COURT'S REASONING The court's conclusion that AOL clearly was not a state-actor equivalent and that Cyber's free speech rights were not a genuine issue in this case is quite sensible. Nevertheless, there is a question as to whether Judge Weiner went too far in his ruling. 50 Whether a party has a right to engage in a particular mode of speech, and whether a "medium" or a "forum" has the right to block this speech, should be two separate issues. There is a practical difference between a court stating that Cyber has no right to send e-mails in the first place, and a court allowing AOL to block the messages but recognizing Cyber's right to send them. The judge appears to have merged the two issues together and arrived at a conclusion that may unfairly disadvantage Cyber and other senders of bulk e-mail messages. 51 Instead, he should have distinguished between these two issues and analyzed them separately. 47. See id.

48. See id. 49. See id. at 464-65. Since the denial of Cyber's temporary restraining order was merely a procedural point and there was not a direct ruling on the merits, this comment will instead focus on the First Amendment issues of this case. 50. Mike Godwin, staff counsel with the Electronic Frontier Foundation, thought that it was the "right outcome but the wrong reasoning." See Janet Komblum, Junk Emailer Down For The Count (visited Feb. 12, 1998) . 51. The Cyber I opinion started with this passage: These cases present the novel issue of whether, under the First Amendment to the United States Constitution, one private company has the unfettered right to send unsolicited e-mail advertisements to subscribers of another private online company over the Internet and whether the private online company has the right to block the e-mail advertisements from reaching its members." Cyber L 948 F. Supp. at 437. It ended with this passage: Pursuant to 28 U.S.C. Sec. 1292(b), the following question is certified for an immediate appeal: Whether, under the First Amendment to the United States Constitution, one private company has the unfettered right to send unsolicited e-mail advertisements over the Internet to the e-mail servers of a private online company and whether the private on-

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

Although it is true that AOL was neither a state actor nor a state actor equivalent, this does not necessarily mean that Cyber had "no right ... to send unsolicited e-mail to AOL's members." 52 The state actor/private entity distinction means that AOL is free to take, at its own discretion, appropriate steps to block Cyber's messages on its own private property. Cyber had the right to send, but did not have a right to prevent its messages from being blocked on private properties. The bulk of costs associated with unsolicited e-mail messages is borne by the receiving ISP, which must do so passively and unwillingly. 53 However, one must also look at the origin of the Internet's pricing and cost structure. When the Internet first came into being, its access and e-mail usage was limited to academic and governmental users; services were intended to be free and each participating ISP voluntarily absorbed all costs for its users. 54 E-mail abuse existed and was punished, but such issues were always dealt with privately between individual users and their own ISPs. For example, a receiver experiencing e-mail abuse would report the incident to the sender's ISP, who would55then conduct an investigation and take appropriate steps to stop the abuse. Over time, the original non-commercial nature of the Internet waned, but the cost-sharing expectation remained. Commercial ISPs conformed to the existing cost-sharing structure when they entered the Internet service market. As Cyber noted, ISPs voluntarily connected themselves to the Internet, and chose to provide their customers with the ability to send and receive e-mails. Upon payment of a certain fee, users expect their ISPs to assume both the costs and the risks associated with such e-mail usage, unless the users violate either the account agreement or the ISP policy. line company has the right to block the e-mail advertisements from reaching its members. Id. at 456. The court's choice of the singular forms of the words "issue" and "question" is indicative of how it merged the two issued together. Further, nowhere in the opinion did the court analyze these two issues separately. 52. Id. at 445. 53. In postal mail deliveries, the U.S. Postal Service acts as both the sender's carrier and the recipient's carrier, and the bulk of the costs associated with delivery have been paid and accounted for by the sender's postage. In e-mail deliveries, however, different ISPs separately assume the delivery costs, and receiving ISPs passively pay for at least half of the costs associated. See discussion infra Part IV. 54. For example, U.C. Berkeley still provides its faculty, students, and staff with free accounts. See U.C. Berkeley, UC Berkeley and UCLink Computer Use Policies Terms and Conditions (visited Feb. 12, 1998) . 55. See generally Carroll, supra note 1, at 254-57 (describing informal enforcement of Internet norms).

1998]

CYBER PROMOTIONS v. AOL

It can thus be argued that if there exists a duty to reasonably use emails, a sender owes this duty to its own ISP, and not to the receiving ISP. Cyber therefore should have as much right to send e-mails as any other user on the Internet, regardless of the volume or contents of its messages. Of course, each receiving ISP is also entitled to block undesired e-mails because it owes a duty only to its own subscribers; where messages are unsolicited or undesired by the recipient, the receiving ISP is under no duty to deliver the sender's e-mails.5 Judge Weiner's ruling appears narrow because it is specifically limited to the facts of this case and to the issues raised by the parties. Despite his ruling that Cyber's free speech rights would not be a valid defense to AOL's counterclaims, he did not bar Cyber from sending messages. Nonetheless, his opinion says more than it seems to on the surface. By to invade AOL's holding that Cyber did not have the "unfettered right ... private property" 57 while discussing extensively the costs incurred by AOL because of Cyber's unsolicited messages, 58 Judge Weiner essentially found Cyber's actions to be tortious. Thus, even without explicitly ruling on these issues, the opinion effectively exposed Cyber to potential conversion and misappropriation suits from other receiving ISPs, because the decision's strong language could provide support for other courts to issue injunctions. Indeed, since the issuance of this ruling, other courts, quoting have blocked Cyber from sending messages to a Judge Weiner's 5 order, 9 ISPs. of number IV. POLICY IMPLICATIONS Although Judge Weiner's three memorandum opinions have been widely hailed on the Internet as a major victory for e-mail users over the junk e-mailers, the opinions do not discuss the issue of user privacy. Cyber was denied the right to send e-mail not necessarily because its messages were unsolicited or unwanted by the recipients, but rather because Cyber failed to pay AOL for the privileges to send them. This means that whether particular messages are allowable will depend on the receiving ISPs, and not on the intended recipients of the actual messages. Recipi56. Where messages desired by the recipients are blocked by their ISPs, the issue can similarly be resolved between the recipient and the ISPs. Cf Janet Kornblum, Spain Nets Catching Innocents (visited Feb. 12, 1998) . 57. Cyber ,948 F. Supp. at 456. 58. See id. at 452. 59. See, e.g., Compuserve v. Cyber Promotions, 962 F. Supp. 1015, 1028 (S.D. Ohio 1997).

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

ents' in-box privacy is left substantially unprotected. 60 Here, the court's implicit determination that the receiving ISP assumes the economic burden and risks associated with e-mail communications becomes significant. The decision effectively gives the right to control the sources of e-mail messages to the ISPs, rather than to the end users who receive the messages. From the cost-allocation perspective, if there is a right to control, it is logical to give it to the receiving ISP and not individual users. Any losses that individual e-mail recipients suffer from invasion of their privacy rights are de minimis, as opposed to the costs concentrated on the receiving ISPs. The costs borne by individual subscribers are primarily their online time, which some argue does amount to real money.6 1 However, several factors weigh against this argument. It used to be the case that many on-line users paid incrementally for time spent on the Internet. The largest on-line providers introduced flat-rate pricing roughly at the same time this lawsuit was filed, however, and the vast majority of Internet users now pay flat-rate subscription. The average hourly cost for on-line access is about 80 cents per hour for AOL members, 62 and deletion of even an inbox full of junk e-mails generally only takes a matter of seconds. 63 The costs incurred on the users are even less than those associated with receiving junk postal mail, while the privacy implications are comparably slim. 64 A recent on-line survey report shows that the majority of users 60. Recipients can only seek indirect privacy protection through their ISP, and rely on the ISP-provided mechanisms to assure that their mailboxes are not littered with unsolicited e-mail. Fortunately, so far the ISPs, in the midst of fierce market competition, seem to have generally been responsive to their own users. Cf Janet Kornblum, Spam Nets Catching Innocents (visited Feb. 12, 1998) . 61. See, e.g., Coalition Against Unsolicited Commercial Email, Join the Fight Against Sparm! (visited Mar. 6, 1998) . 62. See Yahoo! Finance, AOL Slightly Tops Expectations Despite Expense Growth (visited Feb. 11, 1998) . Even for those users who still pay incrementally for their time, the market rate is less than $2.50 per hour. See id. 63. Many e-mail services, especially the web e-mail services rapidly gaining popularity, now provide easy mass-deletion of messages. See, e.g., Yahoo! Mail, Online Support - How do I delete mail? (visited Feb. 12, 1998) . 64. See, e.g., Lamont v. Comm'r of Motor Vehicles, 269 F. Supp. 880, 883 (S.D.N.Y. 1967): There is no captive quality in the plight of which plaintiff complains. The mail box, however noxious its advertising contents often seem to judges as well as other people, is hardly the kind of enclave that requires constitutional defense to protect 'the privacies of life.' The

19981

CYBER PROMOTIONS v. AOL

simply delete undesired e-mails, and although they find the messages aneither invasions of their prinoying, they do not necessarily consider them 65 vacy or a burden on their time and money. ISPs can further argue that the recipients' subscription fees only cover reasonable use of the resources of the ISP, and not this kind of "irresponsible abuse." Out of the costs of the various resources involved in communication, 66 message storage before recipient retrieval is the most expensive aspect of e-mail transmissions. The costs for this are paid by the receiving ISPs, and these costs multiply in bulk e-mail situations. 67 Therefore, the receiving ISPs, not the subscribers, assume the costs and risks associated with activities that go beyond reasonable uses. Indeed, the ISPs have to constantly purchase new machines in response to demands associated with these activities. Users will argue that ISPs, as profit-seeking businesses, will adjust the prices they charge to reflect their costs, and recipients eventually will pay for the costs in the form of increased service charges. However, in view of the fierce market competition, ISPs would more likely absorb most of these costs through decreased profit margins than pass the costs directly onto their customers and risk deterioration of its subscriber base. 68 From this perspective, it is reasonable to let the receiv-

short, though regular, journey from mail box to trash can ... is an acceptable burden, at least so far as the Constitution is concerned. 65. The most recent study by the Graphics, Visibility and Usability Center of the Georgia Institute of Technology (GVU) shows 61% of recipients delete junk e-mails without opening them, and 11% actually read them. See GVU's WWW User Surveys, Attitudes Toward Spamming (visited Feb. 12, 1998) . 66. These costs, for example, would include costs for media containing messages; labor involved in duplicating, compiling, and sending messages; message storage before physical delivery; costs for physical delivery of messages; message storage before the recipients receive messages; recipient's retrieval of messages; recipient's disposal/storage of messages after retrieval. 67. This is due to the fact that in multiple e-mail deliveries, message duplication occurs as the messages are sent from the sending ISP to the receiving ISP. One message on the sending ISP merely gets copied many times onto the receiving ISP, incurring huge storage costs in bulk e-mail situations. See Jesse Berst, Get on Board the Multicast Bandwagon (visited Feb. 17, 1998) . 68. A mass migration of users would be highly visible in the ISP market, and aside from the obvious decrease of subscription revenues, it could result in loss of goodwill, decreased ISP ranking and bad publicity, and significant loss of advertising revenues. AOL recently raised its unlimited access fee by a mere 10%, in response to a tripling of usage since the introduction of its unlimited access plan several years ago. Many other ISPs are not planning to follow. See Yahoo! Finance-Business Wire, AOL to Increase

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

ing ISP, as opposed to the recipients, decide what messages should be delivered and which ones should not. Nonetheless, a question remains as to whether it is wise to find that sending mass e-mail constitutes a per se unacceptable invasion of an ISP's private property. Logically, this implies that any incoming e-mail is an invasion of a receiving ISP's property unless explicitly permitted by the ISP. This in effect leaves the receiving ISP with the sole power to permit or deny messages based on whether the senders have paid enough to cover their costs. Senders who send messages that are too large, or those who send messages to too many users-as determined by the receiving ISPcould thus be sued in court to recover the "damage" done to the ISPs property, regardless of whether the recipients solicit or in fact desire such messages. The potential "chilling effect" on the e-mail senders could run contrary to the policy underlying the Internet: namely, encouraging the free flow of ideas and expression through high efficiency, fast speed, low costs, and minimal external control. V. DESIRABILITY OF LIMITED REGULATION Absent governmental regulation on e-mail abuse, courts will inevitably become guardians of the orderly functioning of the Internet (as the facts of Cyber Promotions demonstrate). However, Cyber Promotions also illustrates why society should not leave this matter to the court system. Parties will litigate to allocate costs and damages, which could be costly in terms of both time and money to all involved. Moreover, rather than leaving the power to control to message recipients, courts will inevitably have to place this power on whoever bears the most concentrated costs, potentially disappointing societal expectations. Furthermore, despite high-profile court defeats, numerous new junk email senders are proliferating. 69 Given the high costs of initiating lawsuits, it is increasingly evident that litigation is not a realistic weapon against junk e-mailers. Barriers to entry are virtually non-existent for spammers and chances of recovery from these individuals are usually low. Junk e-mailers realize this fact, and litigation is quickly losing its deterrent effects. Market regulation appears to be the only means left, and it is not difficult to see that private entities alone cannot adequately address the Price for Unlimited Use by $2 Monthly Starting in April (visited Mar. 6, 1998) . 69. Commentators liken the situation to "removing water from the Titanic with a bucket." Janet Kornblum, FTC Issues Warning to Spammers (visited Feb. 12, 1998) .

19981

CYBER PROMOTIONS v. AOL

problem. 70 As Cyber Promotions has shown, technology which filters out messages by identifiable parts in the message may not solve this problem because there are numerous ways of circumventing attempts to block the messages.7 ' While the settlement of this case appears to demonstrate that it is possible to resolve junk e-mail disputes by private contract alone, this does not mean that similar results can always be reached without extensive litigation. The heart of the problem is that reliance on the courts' injunction/damages approach will only be effective in allocating costs between parties, rather than decreasing them altogether. Private or market solutions would effectively decrease costs for everyone, but they alone are inadequate to force compliance. These approaches are either inefficient or ineffective, and they could both impose enormous additional costs on society. Internet regulation may appear the most efficient solution to this problem. A number of bills have been introduced to regulate the Internet. 72 The content of these proposed bills includes expanding Congress' junk-fax ban in 1991 to junk e-mails,73 requiring receiving ISPs to install filtering software, and establishing a regime in which recipients can easily collect damages from junk e-mailers.7 Blanket proposals such as a full ban on junk e-mails, however, will likely be subjected to vigorous constitutional challenges before they could be implemented.75 70. For a discussion on private regulation of electronic junk mail, see Carroll, supra note 1,at 254-59 (listing cultural "netiquette" regulation, vigilante regulation, structural regulation through ISP agreements, and market regulation via filters). 71. Cyber generally utilized the tactics of "spoofing," which entailed disguising the sender e-mail address and making messages appear as if they came from another AOL user, a Compuserve user, or any user of Cyber's choice. This practice incurred even more costs on AOL, because in situations where messages were undeliverable (which was quite common due to the large turnover rate of AOL subscribers), AOL computers tried in vain to return the messages to the nonexistent addresses Cyber had made up. 72. For a listing of the bills introduced so far, see Coalition Against Unsolicited Commercial Email, Sparn Bill Analysis (visited Feb. 12, 1998) . 73. See generally the Telephone Consumer Protection Act, Pub. L. No. 102-243, 105 Stat. 2394 (1991) (codified at 47 U.S.C. § 227 (1994)). This Act outlawed all unsolicited fax solicitations. It was challenged in court, but was upheld in Destination Ventures, Ltd. v. FCC,46 F.3d 54, 56 (9th Cir. 1995). 74. See Coalition Against Unsolicited Commercial Email, supra note 72. 75. See, e.g., Mary M. Luria, Controlling Web Advertising: Spamming, Linking, Framing, and Privacy, 14 COMPUTER LAW. 10, 12 (1997). Further discussion of these proposals and their constitutional implications is beyond the scope of this comment. For an extensive treatment on governmental bans, the First Amendment, and court scrutiny,

BERKELEY TECHNOLOGY LAW JOURNAL

[Vol. 13:417

The most efficient solution to this problem is not direct regulation on the act of sending e-mail. Rather, the ideal legislation would merely make it either technologically or legally impossible to circumvent the recipients' attempt to identify and block specific kinds of messages. Such legislation could encompass the prevention of e-mail software and Internet browsers from incorporating features enabling users to override settings showing the real source of e-mail messages. 76 Congress could also require indications in e-mail subject headers that content is unsolicited or commercial, or directly prohibit senders from hiding their identities. 77 Undesired messages can thus successfully be filtered out before costs are incurred on the receiving ISP, because if senders are prevented from evading recipient filters, market technology is advanced enough to do the rest. By adopting a limited form of legislation specifically tailored to assist the market in self-regulation and thereby ensuring the effectiveness of the technological solutions, all will benefit from the resulting efficiency. Recipients regain from their ISPs the power to directly control the kind of messages they receive, ISPs decrease their costs to process the messages and maintaining their systems, junk mailers can openly display the source of the messages, and the industry's need for litigation will be minimal.78 VI. CONCLUSION Absent regulations and dramatic changes in the cost and pricing structure of the Internet, the future significance of this issue will depend see Carroll, supra note 1, at 252-62 (arguing that only a limited form of regulation is likely to pass intermediate scrutiny). 76. The reason that "spoofing" is so prevalent and consequently the effective blocking of e-mail is so difficult is precisely because it is extremely easy to "spoof." Many of the popular e-mail software, such as Netscape Mail, Microsoft Exchange, and Eudora Pro, allow users to enter their own identity, affiliated organization and most importantly, return e-mail address. As a result, it becomes practically impossible for recipients and their ISPs to block messages based on sender's e-mail address, if the senders choose to falsify the information. On non-commercial ISPs, it is impossible to send messages out without revealing the senders' identity and address, making abuses easy to track. See, e.g., U.C. Berkeley, UC Berkeley and UCLink Computer Policies - UCLink Personal Names Policy (visited Feb. 12, 1998) . 77. The "labeling requirement" is a common feature of the bills currently in Congress. See Luria, supra note 75, at 12. 78. Many have proposed systems where junk e-mails can be legitimized. However, these proposals tend to depend heavily, if not completely, upon spammers' voluntary cooperation. Their feasibility is therefore questionable at best. See Janet Kornblum, More Attempts to Legitimize Spam (visited Feb. 11, 1998) .

1998]

CYBER PROMOTIONS v. AOL

largely on technological developments in the industry. As discussed above, this revolves around relative costs for various resources involved in the transmission of messages. As hard drives or other storage devices become more available at lower prices, storage costs of both the users and their ISPs will decrease. As computing technology progresses 79 and more potent hardware and software become available at lower cost, all costs should decrease, most noticeably the duplication and transmission costs. These developments will reduce the burden on ISP servers, minimizing the chances of suspension of service due to server overload (which means both enormous costs to the ISP and inconvenience of all subscribers). The effect of developments in networking, on the other hand, is controversial. As bandwidth increases and modem technology advances, spammers will perceive that sending larger e-mail messages containing multimedia files is more feasible. Thus, with increased network speed and decreased network costs, junk e-mail can be expected to grow in size. Although the user access and e-mail delivery costs will decrease with the lower networking costs and higher efficiency, whether this will offset the growth of junk-mail file size remains to be seen. While the continual cost significance of the junk e-mail problem is uncertain, Cyber Promotions demonstrates the need for limited legislation to assist the industry to decrease costs involved in e-mail communication. Society cannot rely on the market to work this out. Without effective means to implement self-regulation, those who circumvent the rules may still reap rewards. Society cannot rely on lawsuits or courts to solve the problem. Litigation is expensive and lengthy; it increases, rather than decreases, the overall burden that society must bear. The junk e-mail problem clearly demands a much more comprehensive, constructive, and efficient solution.

79. Widespread adoption of powerful new protocols such as IP Multicasting, for example, greatly reduces e-mail transmission loads on the ISP servers. See generally Berst, supra note 67.

BERKELEY TECHNOLOGY LAW JOURNAL ANNUAL REVIEW OF LAW AND TECHNOLOGY

TELECOMMUNICATIONS LAW